Snort mailing list archives

Snort Blog: Snort 3.1.16.0 has been released!


From: "Joel Esler (jesler) via Snort-sigs" <snort-sigs () lists snort org>
Date: Wed, 3 Nov 2021 17:03:17 +0000



https://blog.snort.org/2021/11/snort-31160-has-been-released.html

Snort 3.1.16.0 has been released!


The SNORTⓇ team recently released a new version of Snort 3 on Snort.org<https://snort.org/snort3> and the Snort 3 
GitHub<https://github.com/snort3/snort3/releases/tag/3.1.13.0>.

 
Snort 3.1.16.0 contains several new features and bug fixes. Here's a complete rundown of what's new in this version. 
Users are encouraged to update as soon as possible and to upgrade to Snort 3 if they have not already done so.

Changes in this release (since 3.1.15.0):

  *   appid: during initialization, skip loading of Lua detectors that don't have validate function
  *   appid: in packet threads, skip loading of detectors that don't have validate function on reload
  *   appid: provide API to give client_app_detection_type
  *   codec: geneve - ensure injected packets have geneve port in outer udp header
  *   detection: refactor mpse serialization
  *   detection: rename PortGroup to the more apt RuleGroup (and related)
  *   detection: replace PortGroup::alloc/free with ctor/dtor
  *   doc: add SIP built-in rule documentation
  *   doc: update built-in rule doc for SMTP, IMAP and POP inspectors
  *   doc: update built-in rules documentation for dns module
  *   doc: update built-in rules documentation for ftp-telnet
  *   doc: updated builtin rules documentation for gtp module
  *   flow: fix warning in flow_cache.cc
  *   flow: use the same pkt_type to link and unlink unidirectional flows
  *   http2_inspect: refactor decoded_headers_buffer for hpack decoding
  *   http_inspect: eliminate cumulative js data processing
  *   http_inspect: handle unordered PDUs for inline/external JavaScript normalization
  *   http_inspect: improve file decompression
  *   hyperscan: sort patterns for dump / load stability
  *   ips: correct fast pattern port group counts
  *   mpse: add md5 check to deserialization
  *   reload: add logs to track reload process
  *   reload: move out reload progress flag to reload tracker
  *   search_engine: support hyperscan serialization
  *   search_engine: support port group serialization
  *   sip: track memory for sip sessions
  *   ssl: disable inspection on alert only at fatal level
  *   stream_tcp: fix init_wscale() to take into account the DECODE_TCP_WS flag
  *   tcp: remove the obsolete GNUC block from TcpOption::next()
  *   tcp: stop on the EOL option in TcpOptIteratorIter::operator++()
  *   utils: add get methods to peek in internal buffer
  *   utils: correct Normalizer's output upon the next scan
  *   wizard: update globbing and max_pattern


Snort 3 is the next generation of the Snort Intrusion Prevention System. The GitHub 
page<https://github.com/snort3/snort3> will walk users through what Snort 3 has to offer and guide users through the 
steps of getting set up — from download to demo. Users unfamiliar with Snort should start with the Snort Resources page 
and the Snort 101 video series<https://www.youtube.com/watch?v=W1pb9DFCXLw&ab_channel=CiscoTalosIntelligenceGroup>.

You can subscribe<https://www.snort.org/products> to Talos' newest rule detection functionality for as low as $29 a 
year with a personal account. Be sure and see our business pricing as well 
here<https://snort.org/products#rule_subscriptions>. Make sure and stay up to date to catch the most emerging 
threats<https://snort.org/products#rule_subscriptions>.

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit Snort.org to subscribe to the official Snort ruleset, and make sure to stay up to date to catch the most
emerging threats<https://snort.org/downloads/#rule-downloads>!
